XMLSigner Class
Properties Methods Events Configuration Settings Errors
The XMLSigner class provides a simple interface for digitally signing XML data according to the XML-Signature Syntax and Processing specification.
Syntax
class secureblackbox.XMLSigner
Remarks
To sign the data, you need to specify the data to be signed using the references property, then select the signature type and signature method type (signature or MAC).
Set the path to the file to be signed via the input_file. Signed data will be saved in the output_file. Finally, call the sign method to generate a signature and save signed data. It is possible to generate a signature remotely: use sign_external method to do this.
Asynchronous signing is also supported. Call sign_async_begin to generate a signature and save the generated XML-DSIG without signature value into the document. To complete the signing, call sign_async_end.
XMLSigner only performs basic signing of XML documents. For richer features, such as XAdES and/or chain validation, please see the XAdESSigner class
Property List
The following is the full list of the properties of the class with short descriptions. Click on the links for further details.
| canonicalization_method | Specifies XML canonicalization method to use. |
| encoding | Specifies XML encoding. |
| external_crypto_custom_params | Custom parameters to be passed to the signing service (uninterpreted). |
| external_crypto_data | Additional data to be included in the async state and mirrored back by the requestor. |
| external_crypto_external_hash_calculation | Specifies whether the message hash is to be calculated at the external endpoint. |
| external_crypto_hash_algorithm | Specifies the request's signature hash algorithm. |
| external_crypto_key_id | The ID of the pre-shared key used for DC request authentication. |
| external_crypto_key_secret | The pre-shared key used for DC request authentication. |
| external_crypto_method | Specifies the asynchronous signing method. |
| external_crypto_mode | Specifies the external cryptography mode. |
| external_crypto_public_key_algorithm | Provide public key algorithm here if the certificate is not available on the pre-signing stage. |
| hash_algorithm | Specifies the hash algorithm to be used. |
| input_bytes | Use this property to pass the input to class in the byte array form. |
| input_file | Specifies the XML document to be signed. |
| output_bytes | Use this property to read the output the class object has produced. |
| output_file | A file where the signed document is to be saved. |
| reference_count | The number of records in the Reference arrays. |
| reference_auto_generate_element_id | Specifies whether the identifier (ID) attribute for a referenced (target) element should be auto-generated during signing. |
| reference_canonicalization_method | Use this property to specify the canonicalization method for the transform of the reference. |
| reference_custom_element_id | Specifies a custom identifier (ID) attribute for a referenced (target) element that will be set on signing. |
| reference_digest_value | Use this property to get or set the value of the digest calculated over the referenced data. |
| reference_handle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| reference_hash_algorithm | Specifies the hash algorithm to be used. |
| reference_has_uri | Specifies whether the URI is set (even when it is empty). |
| reference_id | A user-defined identifier (ID) attribute of this Reference element. |
| reference_inclusive_namespaces_prefix_list | Use this property to specify InclusiveNamespaces PrefixList for exclusive canonicalization transform of the reference. |
| reference_reference_type | The Reference's type attribute as defined in XMLDSIG specification. |
| reference_target_data | Contains the referenced external data when the digest value is not explicitly specified. |
| reference_target_xml_element | This property specifies the referenced XML element. |
| reference_uri | Use this property to get or set the URL which references the data. |
| reference_use_base_64_transform | Specifies whether Base64 transform is included in transform chain. |
| reference_use_enveloped_signature_transform | Specifies whether enveloped signature transform is included in transform chain. |
| reference_use_x_path_filter_2_transform | Specifies whether XPath Filter 2. |
| reference_use_x_path_transform | Specifies whether XPath transform is included in transform chain. |
| reference_x_path_expression | Use this property to specify XPath expression for XPath transform of the reference. |
| reference_x_path_filter_2_expressions | Use this property to specify XPointer expression(s) for XPath Filter 2. |
| reference_x_path_filter_2_filters | Use this property to specify XPointer filter(s) for XPath Filter 2. |
| reference_x_path_filter_2_prefix_list | Use this property to specify a prefix list for XPath Filter 2. |
| reference_x_path_prefix_list | Use this property to specify a prefix list for XPath transform of the reference. |
| signature_type | The signature type to employ when signing the document. |
| signing_cert_bytes | Returns raw certificate data in DER format. |
| signing_cert_handle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| signing_chain_count | The number of records in the SigningChain arrays. |
| signing_chain_bytes | Returns raw certificate data in DER format. |
| signing_chain_handle | Allows to get or set a 'handle', a unique identifier of the underlying property object. |
| xml_element | Specifies the XML element where to save the signature data. |
| namespace_count | The number of records in the Namespace arrays. |
| namespace_prefix | A user-defined prefix value of a namespace. |
| namespace_uri | A user-defined URI value of a namespace. |
Method List
The following is the full list of the methods of the class with short descriptions. Click on the links for further details.
| add_data_reference | Creates a new XML reference to the specified data. |
| add_reference | Creates a new XML reference to the specified XML element. |
| config | Sets or retrieves a configuration setting. |
| extract_async_data | Extracts user data from the DC signing service response. |
| sign | Signs an XML document. |
| sign_async_begin | Initiates the asynchronous signing operation. |
| sign_async_end | Completes the asynchronous signing operation. |
| sign_external | Signs the document using an external signing facility. |
Event List
The following is the full list of the events fired by the class with short descriptions. Click on the links for further details.
| on_error | Reports the details of signing errors. |
| on_external_sign | Handles remote or external signing initiated by the SignExternal method or other source. |
| on_format_element | Reports the XML element that is currently being processed. |
| on_format_text | Reports XML text that is currently being processed. |
| on_notification | This event notifies the application about an underlying control flow event. |
| on_resolve_reference | Asks the application to resolve a reference. |
Configuration Settings
The following is a list of configuration settings for the class with short descriptions. Click on the links for further details.
| DetachedResourceURI | Specifies a detached resource URI. |
| EnvelopingObjectEncoding | Specifies the enveloping object encoding. |
| EnvelopingObjectID | Specifies the enveloping object identifier. |
| EnvelopingObjectMimeType | Specifies the enveloping object MIME type. |
| ExclusiveCanonicalizationPrefix | Specifies the exclusive canonicalization prefix. |
| HMACKey | The key value for HMAC. |
| HMACOutputLength | TBD. |
| IDAttributeName | Specifies the custom name of ID attribute. |
| IDAttributeNamespaceURI | Specifies the custom namespace URI of ID attribute. |
| IncludeKey | Specifies whether to include the signing key to the signature. |
| IncludeKeyValue | Specifies whether the key value must be included to the signature. |
| InclusiveNamespacesPrefixList | Specifies the InclusiveNamespaces PrefixList. |
| InputType | Specifies the Input type. |
| KeyInfoCustomXML | The custom XML content for KeyInfo element. |
| KeyInfoDetails | Specifies the signing key info details to include to the signature. |
| KeyInfoID | Specifies the ID for KeyInfo element. |
| KeyName | Contains information about the key used for signing. |
| ManifestCount | The number of the manifest elements. |
| ManifestID[Index] | The ID of the manifest element. |
| ManifestObjectIndex[Index] | The object element index to which the manifest element belongs. |
| ManifestXML[Index] | The XML content of the manifest element. |
| ObjectCount | The number of the object elements. |
| ObjectEncoding[Index] | The Encoding of the object element. |
| ObjectID[Index] | The ID of the object element. |
| ObjectMimeType[Index] | The MIME type of the object element. |
| ObjectXML[Index] | The XML content of the object element. |
| SignatureCompliance | Specifies the signature compliance mode. |
| SignatureID | Specifies the ID for Signature element. |
| SignaturePrefix | Specifies the signature prefix. |
| SignaturePropertiesCount | The number of the signature properties elements. |
| SignaturePropertiesID[Index] | The ID of the signature properties element. |
| SignaturePropertiesObjectIndex[Index] | The object element index to which the signature properties element belongs. |
| SignaturePropertiesXML[Index] | The XML content of the signature properties element. |
| SignaturePropertyCount | The number of the signature property elements. |
| SignaturePropertyID[Index] | The ID of the signature properties element. |
| SignaturePropertyPropertiesIndex[Index] | The signature properties element index to which the signature property element belongs. |
| SignaturePropertyTarget[Index] | The Target of the signature properties element. |
| SignaturePropertyXML[Index] | The XML content of the signature property element. |
| SignatureValue | Contains the SignatureValue. |
| SignatureValueID | Specifies the ID for SignatureValue element. |
| SignedInfoID | Specifies the ID for SignedInfo element. |
| TempPath | Location where the temporary files are stored. |
| UseHMACSigning | Whether to use HMAC signing. |
| UsePSS | Whether to use RSASSA-PSS algorithm. |
| WriteBOM | Specifies whether byte-order mark should be written when saving the document. |
| XMLFormatting | Specifies the signature XML formatting. |
| CheckKeyIntegrityBeforeUse | Enables or disable private key integrity check before use. |
| CookieCaching | Specifies whether a cookie cache should be used for HTTP(S) transports. |
| Cookies | Gets or sets local cookies for the class (supported for HTTPClient, RESTClient and SOAPClient only). |
| DefDeriveKeyIterations | Specifies the default key derivation algorithm iteration count. |
| EnableClientSideSSLFFDHE | Enables or disables finite field DHE key exchange support in TLS clients. |
| GlobalCookies | Gets or sets global cookies for all the HTTP transports. |
| HttpUserAgent | Specifies the user agent name to be used by all HTTP clients. |
| LogDestination | Specifies the debug log destination. |
| LogDetails | Specifies the debug log details to dump. |
| LogFile | Specifies the debug log filename. |
| LogFilters | Specifies the debug log filters. |
| LogFlushMode | Specifies the log flush mode. |
| LogLevel | Specifies the debug log level. |
| LogMaxEventCount | Specifies the maximum number of events to cache before further action is taken. |
| LogRotationMode | Specifies the log rotation mode. |
| MaxASN1BufferLength | Specifies the maximal allowed length for ASN.1 primitive tag data. |
| MaxASN1TreeDepth | Specifies the maximal depth for processed ASN.1 trees. |
| OCSPHashAlgorithm | Specifies the hash algorithm to be used to identify certificates in OCSP requests. |
| UseOwnDNSResolver | Specifies whether the client classes should use own DNS resolver. |
| UseSharedSystemStorages | Specifies whether the validation engine should use a global per-process copy of the system certificate stores. |
| UseSystemOAEPAndPSS | Enforces or disables the use of system-driven RSA OAEP and PSS computations. |
| UseSystemRandom | Enables or disables the use of the OS PRNG. |